Shielding Africa’s Mobile Future: Dr Sawadogo’s Fight Against Android Malware
In line with the African Union’s 2024 focus on Education, Science, Technology, and Innovation (ESTI), our recent PhD graduate, Dr Zakaria Sawadogo, has made significant contributions to mobile security in Africa. His thesis, “Continuous evaluation of detection features of Android malware using machine learning,” tackles a critical challenge: safeguarding Android devices from malicious applications. This research is pivotal to making mobile technology safer and more secure for users.
Understanding the Objective
The primary goal of this research was to explore how different parameters affect the performance of machine learning models in detecting malicious Android applications. This included analysing the quality and quantity of training data and the metrics used to evaluate model performance. Additionally, the study proposed new methods to improve the detection process, aiming to develop an efficient, large-scale detector.
Key Areas of Focus
One significant aspect of the research was understanding how imbalanced datasets influence the results of machine learning models. Imbalanced datasets, where some classes are underrepresented, can skew the performance of models. Dr Sawadogo found that balanced precision and geometric mean metrics were more effective in these scenarios. His paper on this topic was presented at the 24th International Conference on Advanced Communication Technologies (ICACT) in 2022 and published in the “Transactions on Advanced Communications Technology (TACT).”
Dr Sawadogo introduced several ground-breaking methods for improving Android malware detection. These include Zero-Vuln, which uses supervised deep learning to detect new malware with 83% accuracy, and DeepMalOb, which identifies obfuscated malicious apps via memory dumping and neural networks, achieving up to 99% accuracy. Enhanced DeepMalOb combines security risk analysis with Multilayer Perceptrons for hidden malware detection, while a behavior-based analysis method uses AI to uncover obscured threats. Additionally, the UFILA approach improves detection through incremental learning, achieving 99% accuracy and earning the Best Paper Award at ICACT.
The Mid@ndro architecture was developed to enhance the detection of malicious software on Android devices. This middleware solution coordinates effectively between the Android operating system and the end user, optimizing malware detection. A specific middleware, AndroSafe, was implemented to detect malicious software on Android devices. This work was also presented at the 6th International Conference on Cloud Computing and Artificial Intelligence (CloudTech) and published in IEEE Xplore.
Conclusion
This thesis has made significant strides in understanding the impact of evaluation metrics and data balance on machine learning models, introduced innovative methods for malware detection, and implemented these approaches in a practical software solution. These achievements contribute substantially to the field of computer security and the fight against mobile threats. Throughout the course of this research, nine scientific publications in esteemed international journals were produced.
Our PhD scholars have demonstrated exceptional dedication and expertise, paving the way for more secure mobile technologies. Their work is a testament to the importance of continuous research and innovation in protecting our digital world.